安裝apache2-utils獲取htpasswd工具；2. 使用htpasswd創(chuàng)建密碼文件並添加用戶；3. 在Nginx配置中指定auth_basic和密碼文件路徑；4. 測試並重載Nginx配置即可生效，完成基於用戶名密碼的訪問控制。

Setting up Nginx basic authentication is a simple and effective way to restrict access to your web content using a username and password. It's commonly used for staging sites, internal tools, or protecting sensitive directories. Here's how to do it step by step:

? 1. Install apache2-utils (for htpasswd )

Even though it's from Apache, the htpasswd tool is widely used to generate password files for HTTP basic auth — including with Nginx.

On Ubuntu/Debian:

 sudo apt update
sudo apt install apache2-utils

On CentOS/RHEL:

 sudo yum install httpd-tools

? 2. Create a Password File and Add a User

Choose a secure location (outside web root) like /etc/nginx/.htpasswd .

To create the first user:

 sudo htpasswd -c /etc/nginx/.htpasswd username

• -c creates a new file (use only once per file).
• You'll be prompted to enter and confirm the password.

To add more users later (omit -c or it will overwrite!):

 sudo htpasswd /etc/nginx/.htpasswd anotheruser

The file will look like:

 username:$apr1$H6GJZ...etc

? 3. Configure Nginx to Use Basic Auth

Edit your site's Nginx config (usually in /etc/nginx/sites-available/your-site or /etc/nginx/conf.d/your-site.conf ).

Inside the location block you want to protect — for example, the whole site:

 server {
    listen 80;
    server_name example.com;

    location / {
        auth_basic "Restricted Access";
        auth_basic_user_file /etc/nginx/.htpasswd;

        # rest of your config (root, index, etc.)
        root /var/www/html;
        index index.html;
    }
}

To protect only a specific path:

 location /admin/ {
    auth_basic "Admin Area";
    auth_basic_user_file /etc/nginx/.htpasswd;
}

? 4. Test and Reload Nginx

Always test your config before reloading:

 sudo nginx -t

If it passes:

 sudo systemctl reload nginx

Now, when you visit the protected location, you'll see a browser prompt asking for a username and password.

? Tips

• Keep the .htpasswd file outside the web root — never serve it!
• Use strong passwords (consider a password manager).
• For production, pair basic auth with HTTPS — credentials are sent in base64 over the wire.
• If you need multiple users with different permissions, basic auth won't help — consider app-level auth instead.

That's it. No plugins, no extra services — just a quick, reliable way to add a password wall.
Basically: generate the file → point Nginx to it → reload. Done.

以上是設置NGINX基本身份驗證的詳細內容。更多資訊請關注PHP中文網其他相關文章！